1 mod-auth-mysql (4.3.9-11) unstable; urgency=medium
3 * Change section web to net
4 * Bumped standards version
5 * Fix CVE-2008-2384: Encode strings securely via
6 mysql_real_escape_string [013-CVE-2008-2384_charset.dpatch]
8 -- Joey Schulze <joey@infodrom.org> Wed, 21 Jan 2009 18:58:04 +0100
10 mod-auth-mysql (4.3.9-10) unstable; urgency=low
12 * Document disabling BasicAuth and basic group file in USAGE
13 [011-auth_basic.dpatch] (closes: Bug#502895, Bug#382242)
14 * Add support for specifying the connection character set via
15 Auth_MySQL_CharacterSet [012-charset.dpatch] (closes: Bug#356530)
17 -- Joey Schulze <joey@infodrom.org> Fri, 21 Nov 2008 17:07:25 +0100
19 mod-auth-mysql (4.3.9-9) unstable; urgency=low
21 * Insert the copyright notice with names and note patches coming from
24 -- Joey Schulze <joey@infodrom.org> Wed, 21 May 2008 07:55:27 +0200
26 mod-auth-mysql (4.3.9-8) unstable; urgency=low
28 * New maintainer (closes: Bug#407360)
29 * New source package name
30 * Clarified history and license
31 * Improve documentation wrt. Auth_MySQL_Group_Field [005-directives.dpatch]
32 * Properly set unsigned char (i.e. 1-byte int) config variables, patch
33 by Adrian Bridgett <adrian@smop.co.uk> [006-options.dpatch]
34 (closes: Bug#287160, Bug#385679, Bug#393769)
35 * Stop altering the AUTH_MYSQL_VERSION with an old Debian revision
37 * Unify AuthMySQL_ and Auth_MySQL_ namespace [007-unify_namespace.dpatch]
38 * Adjust the buffer size used by make_scrambled_password()
39 [008-make_scrambled_password.dpatch] (closes: Bug#356064, Bug#346192,
41 * Adjust config parser data type for _Port to int, thanks to Lehel
42 Bernadt <lehel@pmc-services.hu> [009-port-int.dpatch] (closes: Bug#356147)
43 * Provide an Apache authentication method, thanks to Andreas Barth
44 <aba@not.so.argh.org> [010-enctype-apache.dpatch] (closes: Bug#287547)
46 -- Joey Schulze <joey@infodrom.org> Thu, 15 May 2008 14:50:06 +0200
48 libapache-mod-auth-mysql (4.3.9-7) unstable; urgency=low
51 * And actually add 004-reconnect.dpatch to debian/patches/00list...
52 Thanks to Martin Schulze.
54 -- Matej Vela <vela@debian.org> Wed, 27 Feb 2008 16:05:31 +0100
56 libapache-mod-auth-mysql (4.3.9-6) unstable; urgency=low
59 * debian/rules: Gah, don't break if the Makefile isn't there.
62 -- Matej Vela <vela@debian.org> Wed, 13 Feb 2008 19:25:22 +0100
64 libapache-mod-auth-mysql (4.3.9-5) unstable; urgency=low
67 * debian/patches/004-reconnect.dpatch: Automatically re-establish
68 connections with MySQL 5.0.3+. Thanks to Johann Glaser for the patch.
70 * debian/rules: Let dh_strip handle DEB_BUILD_OPTIONS=nostrip.
72 * debian/rules: Remove support for DEB_BUILD_OPTIONS=debug.
73 * debian/rules: Don't ignore errors from `make distclean'.
74 * Conforms to Standards version 3.7.3.
76 -- Matej Vela <vela@debian.org> Tue, 12 Feb 2008 15:55:39 +0100
78 libapache-mod-auth-mysql (4.3.9-4) unstable; urgency=low
81 * Stop building libapache-mod-auth-mysql (Closes: #429104)
82 * Remove B-D on apache-dev
83 * Lets set DH_COMPAT in debian/compat, not debian/rules
84 * Update debian/rules not to build the apache13 module anymore.
85 * Conforms with latest Standards Version 3.7.2
87 -- Michael Ablassmeier <abi@debian.org> Tue, 19 Jun 2007 11:09:00 +0200
89 libapache-mod-auth-mysql (4.3.9-3) unstable; urgency=medium
92 * Set maintainer to Debian QA Group <packages@qa.debian.org>.
93 * apache2 module depends now on apache2.2-common.
94 * Removed the ,,changes* directories from the diff.gz.
95 * Use now make distclean instead of make clean in debian/rules.
96 * Build-depend now on dpatch.
97 * Build-depend now on debhelper 5 instead of 4.
98 * Converted the patches to dpatch.
99 * Applied a patch to fix FTBFS against apache2.2 (Closes: #389579).
100 Thanks to Julian Calaby for the patch.
102 -- Mario Iseli <admin@marioiseli.com> Sun, 11 Feb 2007 14:04:10 +0100
104 libapache-mod-auth-mysql (4.3.9-2.1) unstable; urgency=medium
106 * Non-maintainer upload.
107 Rebuild against libmysqlclient15. Closes: #343771
109 -- Christian Hammers <ch@debian.org> Tue, 21 Feb 2006 21:43:01 +0100
111 libapache-mod-auth-mysql (4.3.9-2) unstable; urgency=low
113 * Rebuild for libmysqlclient12. Closes: #298671.
114 * Clarify USAGE for md5 passwords. Closes: #298071.
116 -- Matthew Palmer <mpalmer@debian.org> Thu, 10 Mar 2005 08:48:03 +1100
118 libapache-mod-auth-mysql (4.3.9-1) unstable; urgency=low
120 * New upstream release, which codifies the way that multiple require
121 statements are meant to work.
123 -- Matthew Palmer <mpalmer@debian.org> Fri, 24 Dec 2004 00:30:40 +1100
125 libapache-mod-auth-mysql (4.3.8-1) unstable; urgency=low
127 * Now converted to a non-native package, as I've got a user who is not a
129 * Fixed the configure script to properly detect whether libcrypt needs to
130 be a separate library.
131 * Guarded all instances of CRYPT_DES_ENCRYPTION_FLAG, so you can build the
132 module without crypt() being present.
134 -- Matthew Palmer <mpalmer@debian.org> Fri, 5 Nov 2004 22:07:14 +1100
136 libapache-mod-auth-mysql (4.3.7) unstable; urgency=low
138 * Added a new encryption type, SHA1Sum, using a patch kindly prepared by
139 Joseph Walton. Closes: #271730.
141 -- Matthew Palmer <mpalmer@debian.org> Mon, 20 Sep 2004 10:26:41 +1000
143 libapache-mod-auth-mysql (4.3.6) unstable; urgency=high
145 * Fixed a security bug where an error in the execution of
146 mysql_check_group() causes the group check to succeed. Closes: #271721.
147 Thanks to Joseph Walton for finding the problem and providing a patch.
149 -- Matthew Palmer <mpalmer@debian.org> Wed, 15 Sep 2004 10:59:26 +1000
151 libapache-mod-auth-mysql (4.3.5) unstable; urgency=high
153 * High urgency on the request of Adam Conrad to try and get Apache2
155 * Rebuild to back out the ill-fated apache2 LFS transition (so much for
156 comprehensive testing...) Closes: #267354.
157 * Bumped the apache2-*-dev build-dep and apache2 dep to >= 2.0.50-10.
159 -- Matthew Palmer <mpalmer@debian.org> Sun, 22 Aug 2004 21:08:58 +1000
161 libapache-mod-auth-mysql (4.3.4) unstable; urgency=medium
163 * Rebuild to support new Apache2 ABI. Closes: #266177.
165 -- Matthew Palmer <mpalmer@debian.org> Tue, 17 Aug 2004 10:01:34 +1000
167 libapache-mod-auth-mysql (4.3.3) unstable; urgency=low
169 * Really fixed the multi-group checking. Seems I put the "you're not
170 invited" return at the wrong scope. Where's my dwim() function, dammit.
171 Closes: #257879 (I promise).
173 -- Matthew Palmer <mpalmer@debian.org> Fri, 13 Aug 2004 00:23:02 +1000
175 libapache-mod-auth-mysql (4.3.2) unstable; urgency=low
177 * Fixed multi-group checking; if multiple groups are listed in the
178 'require group' directive, the code only checked for the first one.
179 Thanks to Karsten Richter for finding the bug and fixing it.
181 * Cleaned up a define and associated bits to allow compilation under
182 gcc-2.95. And we didn't even need a versioned build-depends.
185 -- Matthew Palmer <mpalmer@debian.org> Fri, 6 Aug 2004 20:19:43 +1000
187 libapache-mod-auth-mysql (4.3.1) unstable; urgency=low
189 * Determined that safe_mysql_query() wasn't retrying on some retryable
190 errors, and fixed it up so that it retries once if the server wandered
191 off before we started. Closes: #255985.
193 -- Matthew Palmer <mpalmer@debian.org> Sun, 27 Jun 2004 21:34:59 +1000
195 libapache-mod-auth-mysql (4.3.0) unstable; urgency=low
197 * Two new directives, Auth_MySQL_DefaultPort and Auth_MySQL_DefaultSocket.
198 * Related to the above, the specification of port or socket as part of the
199 hostname is no longer permitted. Hopefully nobody got too attached to
200 that, as it wasn't documented as such anyway.
201 * Straightened out various bits of twisty code.
202 * Removed the crazy host/port/socket parsing code which (I believe) was
203 causing all the screwed up hostname grief. Closes: #251704.
205 -- Matthew Palmer <mpalmer@debian.org> Wed, 16 Jun 2004 17:39:10 +1000
207 libapache-mod-auth-mysql (4.2.1) unstable; urgency=low
209 * Added some directives to the Apache2 config handler which were somehow
210 missed in the initial conversion. Closes: #252455.
211 * Fixed a string termination issue in the connection code.
214 -- Matthew Palmer <mpalmer@debian.org> Fri, 4 Jun 2004 10:28:21 +1000
216 libapache-mod-auth-mysql (4.2.0) unstable; urgency=low
218 * Applied a patch from Takeshi Murakami to add Apache 2 support and the
219 ability to specify a port number or socket file (for those times you
220 just gotta do it). Closes: #231667. Many thanks to Takeshi for taking
221 the time to do the Apache2 conversion (which appears to have been a fair
223 - Updated DIRECTIVES for the new port/socket specifiers.
224 - Added new --with-apache and --with-apache2 ./configure options to
225 enable/disable build support for both modules.
226 - New binary package, libapache2-mod-auth-mysql, to provide the
227 apache2-compiled version of m-a-m. Closes: #248415. Also updated
228 build-deps and all that sort of thing. Small parts shamelessly
229 stolen from libapache2-mod-auth-pgsql.
230 * Bumped standards version; no changes needed.
231 * Reversed the sense of the persistent check on connection close; the
232 program now behaves like it's documentation. Closes: #243995.
234 -- Matthew Palmer <mpalmer@debian.org> Tue, 11 May 2004 15:09:07 +1000
236 libapache-mod-auth-mysql (4.1.8) unstable; urgency=low
238 * Added conditionals and more calls to modules-config so that the module
239 will install nicely into all apache flavours. Closes: #226425.
240 * Applied a functionality improvement from Jakub Stachowski to add some
241 arbitrary SQL to the end of a query, to improve matching.
244 -- Matthew Palmer <mpalmer@debian.org> Fri, 16 Jan 2004 12:47:46 +1030
246 libapache-mod-auth-mysql (4.1.7) unstable; urgency=low
248 * Added a postinst and postrm which should add and remove the module from
249 Apache's module list. Closes: #220239
250 * Thwap! Forgot that sec->user_field might be NULL, so we shouldn't set
251 auth_user_field to it if it's empty.
252 * Added more ways to set user_group_field in the group checking query.
253 Also added a default, so it'll never be NULL.
254 * Some punctuation changes in the group check query string.
255 * Tracked down a particularly vicious segfault (and fixed another bug in
257 * Finally tracked down the cause of require groups not working.
258 Closes: #216859. Many thanks to Stephen Leclerc for putting up with my
259 many fruitless debugging attempts, since I couldn't reproduce the
260 problem on my systems, but it was consistent for him.
262 -- Matthew Palmer <mpalmer@debian.org> Wed, 19 Nov 2003 00:02:10 +1100
264 libapache-mod-auth-mysql (4.1.6) unstable; urgency=low
266 * Escaped $ signs in MD5 configure test, so it works properly. Thanks to
267 Emmanuel Lacour for working this one out. (Closes: #212179)
269 -- Matthew Palmer <mpalmer@debian.org> Wed, 24 Sep 2003 09:39:06 +1000
271 libapache-mod-auth-mysql (4.1.5) unstable; urgency=low
273 * Applied patch supplied by Martin Kos to allow groups of a user to be
274 specified as a MySQL SET. (Closes: #200535)
276 -- Matthew Palmer <mpalmer@debian.org> Sun, 13 Jul 2003 19:00:17 +1000
278 libapache-mod-auth-mysql (4.1.4.1) unstable; urgency=low
280 * Yet more #ifdef'd debugging, since I suspect a need for more sacrificial
283 -- Matthew Palmer <mpalmer@debian.org> Fri, 16 May 2003 17:37:15 +1000
285 libapache-mod-auth-mysql (4.1.4) unstable; urgency=low
287 * Now with a log message indicating "auth failed".
288 * More logging around query generation, to solve a mysterious bug.
289 * USAGE a little more detailed on the subject of encryption types.
292 -- Matthew Palmer <mpalmer@debian.org> Wed, 7 May 2003 17:18:17 +1000
294 libapache-mod-auth-mysql (4.1.3) unstable; urgency=low
296 * Updated the Build-Deps to point to the LGPL'd libmysqlclient10-dev,
297 rather than the GPL'd libmysqlclient-dev (which is actually lmc12-dev
298 now). Pesky licenses. Closes: #189212.
300 -- Matthew Palmer <mpalmer@debian.org> Wed, 16 Apr 2003 17:05:22 +1000
302 libapache-mod-auth-mysql (4.1.2) unstable; urgency=low
304 * FFS... Automade makefiles suck. Duplicated the cleaning action of make
305 distclean in debian/rules. Closes: #189107.
307 -- Matthew Palmer <mpalmer@debian.org> Wed, 16 Apr 2003 09:09:58 +1000
309 libapache-mod-auth-mysql (4.1.1) unstable; urgency=low
311 * New version numbering scheme. Screw this upstream-debian thing, I *am*
312 the damn upstream (oooh, I love the power).
313 * Fixed the blasted zombie connection problem. Simple really - as long as
314 Apache played ball (which it didn't). Closes: #184443. Yippee! Much
315 thanks *must* go to john@pensol.com who did the hard work of identifying
316 the exact circumstances under which this bug occured, and provided a
317 fair bit of the logic required to fix it.
318 * Added analogous Auth_MySQL_Group_User_Field command, fixed code to align
319 with documentation (group_user is the same as the username field, by
320 default). All together, Closes: #187678.
322 -- Matthew Palmer <mpalmer@debian.org> Mon, 14 Apr 2003 23:27:08 +1000
324 libapache-mod-auth-mysql (4.1.0-2) unstable; urgency=low
326 * Added not null qualifier in USAGE so that it's valid MySQL.
328 * Added the DIRECTIVES file to the documentation. (Closes: #181692)
330 -- Matthew Palmer <mpalmer@debian.org> Thu, 20 Feb 2003 13:06:21 +1100
332 libapache-mod-auth-mysql (4.1.0-1) unstable; urgency=low
334 * New upstream version.
335 * Modified rules to accomodate new configure script.
337 -- Matthew Palmer <mpalmer@debian.org> Wed, 13 Nov 2002 01:25:13 +1100
339 libapache-mod-auth-mysql (4.0.0-3) unstable; urgency=low
341 * Removed the custom APLOG_MARK I defined - it really isn't necessary, and
342 just makes the logfile uglier.
343 * Uncommented the check to see if the module has been disabled in config.
344 Another one of those "WTF?" moments. (Closes: #166458)
345 * Hunted down all error messages which don't involve errno and explicitly
346 set errno to 0 (to avoid weird errors in logging messages).
348 -- Matthew Palmer <mpalmer@debian.org> Sun, 10 Nov 2002 15:24:27 +1100
350 libapache-mod-auth-mysql (4.0.0-2) unstable; urgency=low
352 * Uncomment the Auth_MySQL directives from the directives list. Why it
353 ever got commented in the first place is completely beyond me.
356 -- Matthew Palmer <mpalmer@debian.org> Thu, 17 Oct 2002 09:30:54 +1000
358 libapache-mod-auth-mysql (4.0.0-1) unstable; urgency=low
360 * New upstream release. Mostly just a merge of two differing versions of
361 the upstream software, as well as some minor fiddling.
363 -- Matthew Palmer <mpalmer@debian.org> Sat, 28 Sep 2002 12:43:46 +1000
365 libapache-mod-auth-mysql (3.2-2) unstable; urgency=low
367 * Added support for PHP-style MD5 hashes. (Closes: #158287)
368 * New maintainer, at the consent of the previous maintainer. Thanks to
369 Matthew Wilcox for his work on the package to date.
370 * Bumped standards-version to 3.5.7.
371 * Integrated debhelper a bit more, DH_COMPAT=4.
372 * New version. (Closes: #100692)
374 -- Matthew Palmer <mpalmer@debian.org> Mon, 23 Sep 2002 11:08:57 +1000
376 libapache-mod-auth-mysql (3.2-1) unstable; urgency=low
378 * Split from apache 1.3.22-5 package to reduce apache dependencies.
380 -- Matthew Wilcox <willy@debian.org> Wed, 9 Jan 2002 15:15:23 -0700